Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Static resources URL having double slash, prevent loading from AWS S3 CDN. #42

Open
henriquemattos opened this issue Aug 4, 2017 · 4 comments
Open

Static resources URL having double slash, prevent loading from AWS S3 CDN. #42

henriquemattos opened this issue Aug 4, 2017 · 4 comments

Comments

@henriquemattos
Copy link

Hi, don't know if this is the right/official place, but here we go:
The following files have two slashes in the URL path and the file can't be loaded from AWS S3 CDN that way. Returns a 404 Not Found in the Network tab from Dev Tools.

  • pluginlogo.png
  • menuicon.png
  • scripts.js
  • pluginlogo.png (again)
  • menuicon.png (again)
  • scripts.js (again)
  • styles.css

Their original URL should be:
https://www.visualworks.com.br/wp-content/plugins/sucuri-scanner/inc/images/pluginlogo.png

But instead it is:
https://www.visualworks.com.br/wp-content/plugins/sucuri-scanner//inc/images/pluginlogo.png

I'm currently using AWS CloudFront to forward wp-content/.[js|png|jpg|css...] to AWS S3 origin.

This is a very high issue because I can't access the plugin settings page properly as the CSS and JavaScript don't load.
@nirmal1520
Copy link

I'm also facing a similar problem, did you find any fix? I would appreciate it if you could shed some light on this.

@henriquemattos
Copy link
Author

Hi, @nirmal1520 .

I stopped using the plugin for CDN in favor of W3 Total Cache, and eventually stopped using the plugin in general just by hardening WordPress manually (in the server and in AWS CloudFront and S3). In the end, as you can see the links above, I stopped using WordPress in total because I just need a static website.

If your case is exactly the same, I recommend that you stop forwarding Sucuri static assets to S3 via CloudFront and let it pass directly to your application/web (WordPress) server. You can create a behavior for this case and point to the origin where the .php stands.

But, if you consider all the "hardening" that Sucuri does, you could just manually do them and avoid another plugin consuming/processing your resources (like disk, database, cache, etc).

Regards,
Henrique

@henriquemattos
Copy link
Author

Hi, @nirmal1520 .

The error comes from here:

sucuri-wordpress-plugin/sucuri.php

Line 114 in 5687384

define('SUCURISCAN_URL', rtrim(plugin_dir_url(__FILE__), '/'));

You can create a Pull Request removing this extra slash in the end but I have no clue if they will accept and what are their procedures for accepting pull requests. I've never contributed here.

Cheers,
Henrique

@nirmal1520
Copy link

Thank you so much @henriquemattos

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@henriquemattos @nirmal1520